Date: Sat, 2 Aug 2008 12:21:07 -0700 From: Chris Palmer <chris@noncombatant.org> To: Tim Clewlow <tim@clewlow.org>, Liste FreeBSD-security <freebsd-security@freebsd.org> Subject: Re: A new kind of security needed Message-ID: <BB4DBED4-9AAA-40F8-BF7D-38D42315CCBF@noncombatant.org> In-Reply-To: <51075.192.168.1.10.1217298987.squirrel@192.168.1.100> References: <60254.1216921273@critter.freebsd.dk> <4888C882.30707@elischer.org> <200807242320.m6ONKPgW007279@apollo.backplane.com> <51095.192.168.1.10.1216955905.squirrel@192.168.1.100> <20080725045654.GA1572@baranyfelhocske.buza.adamsfamily.xx> <f383264b0807281228t7a20861do2f0c150cb5eb67f3@mail.gmail.com> <51075.192.168.1.10.1217298987.squirrel@192.168.1.100>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 28, 2008, at 7:36 PM, Tim Clewlow wrote: > I'd like to offer a possible solution that I believe can be both > secure and usable. This will use the AID concept outlined above. What is an AID, and where does it come from? Is it a sequential uid_t assigned at install-time, is it the SHA-256 hash of the ELF file, or something else? What about programs that call dlopen(3) or which are controllable via RPC/LPC (Benjamin Lutz mentioned DCOP)?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BB4DBED4-9AAA-40F8-BF7D-38D42315CCBF>